Menu
Amazon Inspector
User Guide (Version Latest)

Working with AWS Agents on Linux-based Operating Systems

Sign in to your EC2 instance running a Linux-based operating system, and run any of the following procedures. For more information about operating systems supported for Amazon Inspector see Amazon Inspector Supported Operating Systems and Regions.

Note

The following commands are functional in all regions that are supported by Amazon Inspector.

To install the AWS agent

  1. Download the agent installation script by running either of the following commands:

    • wget https://d1wk0tztpsntt1.cloudfront.net/linux/latest/install

    • curl -O https://d1wk0tztpsntt1.cloudfront.net/linux/latest/install

  2. (Optional) Verify that the AWS agent installation script is not altered or corrupted. For more information, see (Optional) Verify the Signature of the AWS Agent Installation Script on Linux-based Operating Systems.

  3. To install the agent, run sudo bash install.

    Note

    As updates for the AWS agent become available, they are automatically downloaded from Amazon S3 and applied. For more information, see AWS Agent Updates.

    If you want to skip this auto-update process, make sure to run the following command when you install the agent:

    sudo bash install -u false

    Note

    (Optional) To remove the agent installation script, run rm install .

To uninstall the AWS agent

  • To uninstall the agent, use one of the following commands:

    • On Amazon Linux, CentOS, and Red Hat, run sudo yum remove 'AwsAgent*'

    • On Ubuntu Server, run sudo apt-get remove 'awsagent*'

To stop the AWS agent

  • To stop the agent, run sudo /etc/init.d/awsagent stop

To start the AWS agent

  • To start the agent, run sudo /etc/init.d/awsagent start

To verify AWS agent dependencies

  • Make sure that the following files required for the agent to be successfully installed and functioning properly are installed:

    • libcurl3

    • libgcc1

    • libc6

    • libstdc++6

    • libssl1.0.0

    • libpcap0.8

To verify that the AWS agent is running

  • To verify that the AWS agent is installed and running, sign in to your EC2 instance, and run the following command:

    sudo /opt/aws/awsagent/bin/awsagent status

    This command returns the status of the currently running agent, or an error stating that the agent cannot be contacted.

To uninstall the Amazon Inspector Preview version of the agent

  1. Important

    If you installed the agent on your EC2 instances from the Preview release of Amazon Inspector, you must uninstall it.

    Use the following command to download the removal script:

    curl -O https://d1wk0tztpsntt1.cloudfront.net/linux/latest/remove_preview_agent

  2. To remove the Amazon Inspector's Preview agent, run sudo ./remove_preview_agent

  3. You can then use the procedure above to install the latest AWS agent for Amazon Inspector.

To configure proxy support for AWS agents

Proxy support for AWS agents on Linux-based operating systems is achieved by using an AWS agent specific configuration file with specific environment variables. For more information, see https://wiki.archlinux.org/index.php/proxy_settings.

Complete one of the following procedures:

To install an AWS agent on an EC2 instance that uses a proxy server

  1. Create a file called awsagent.env and save it in the /etc/init.d/ directory.

  2. Edit awsagent.env to include these environment variables in the following format:

    • export https_proxy=https://hostname:port

    • export http_proxy=http://hostname:port

    • export no_proxy=169.254.169.254

    Note

    Substitute example values above with valid URLs for https_proxy and http_proxy only. You must specify the IP address of the instance metadata endpoint (169.254.169.254) for the no_proxy variable.

  3. Install the AWS agent by completing the steps in the To install the AWS agent procedure.

To configure proxy support on an EC2 instance with a running AWS agent

  1. In order to configure proxy support, the version of the AWS agent that is running on your EC2 instance must be 1.0.800.1 or higher. If you have the auto-update process for the AWS agent enabled, you can verify that your AWS agent's version is 1.0.800.1 or higher by using the To verify that the AWS agent is running procedure. If you don't have the auto-update process for the AWS agent enabled, you must install the agent on this EC2 instance again by following the To install the AWS agent procedure.

  2. Create a file called awsagent.env and save it in the /etc/init.d/ directory.

  3. Edit awsagent.env to include these environment variables in the following format:

    • export https_proxy=https://hostname:port

    • export http_proxy=http://hostname:port

    • export no_proxy=169.254.169.254

    Note

    Substitute example values above with valid URLs for https_proxy and http_proxy only. You must specify the IP address of the instance metadata endpoint (169.254.169.254) for the no_proxy variable.

  4. Restart the AWS agent by first stopping it using sudo /etc/init.d/awsagent restart.

    Proxy settings are picked up and used by both the AWS agent and the auto-update process.